Tag Archives: symc

Middle Eastern Banks Hacked After $81 Mil Bangladesh Heist: FireEye

FireEye ( FEYE ) researchers say a series of cyberattacks on Middle Eastern banks isn’t related to an earlier digital heist of Bangladesh Bank that netted $81 million, but didn’t say whether it has ties to similar assults on banks in Ecuador and Vietnam. This month, FireEye’s DTI (dynamic threat intelligence) discovered “a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region,” according to a company blog post Sunday. “The threat actors appear to be performing initial reconnaissance against would-be targets,” researchers wrote, “and the attacks caught our attention since they were using unique scripts not commonly seen in crimeware campaigns.” A FireEye spokesman told IBD the Middle Eastern assault doesn’t appear to be related to a recent attack on Bangladesh Bank, but didn’t say whether it could be tied to breaches of banks in Ecuador and Vietnam. The Bangladesh breach is one of the biggest in history. FireEye reportedly was hired to investigate . In the Middle East case, hackers sent malware-infused emails with themes related to IT infrastructure “such as a log of sever status report or a list of Cisco Iron Port Appliance details,” FireEye researchers wrote. Employees forwarded the email on, containing an infected, macros-enabled Microsoft Excel file. Microsoft Office documents are frequently used in crimeware campaigns because default settings require users to order macros to run. “Attackers may convince victims to enable risky macro code by telling them that the macro is required to view ‘protected content,’” researchers wrote. But this campaign took it a step further, hiding the malware in plain sight. “This was done for the purpose of social engineering — specifically, to convince the victim that enabling the macro did, in fact, result in the ‘unhiding’ of additional spreadsheet data,” researchers wrote. Hackers installed a batch file to collect important system data including user and group accounts, network configuration data and running processes. Unusually, the malware used DNS (domain name system) queries to extract the data. “This was likely done because DNS is required for normal network operations,” researchers said. “The DNS protocol is unlikely to be blocked and its use is unlikely to raise suspicion among network defenders.” Users can protect themselves by disabling Microsoft Office macros “and also by being more vigilant when enabling macros,” FireEye said. In morning trading on the stock market today , FireEye stock lifted more than 4.5%, outplaying the IBD Computer Software-Security industry group, which collectively was up a fraction. Palo Alto Networks ( PANW ) and Symantec ( SYMC ) stocks were up 2% and a fraction, respectively.

CyberArk Defies Broad Security Tumble On ‘Broadening’ Sales Views

CyberArk Software ( CYBR ) stock lifted Thursday on a bullish report from Imperial Capital that sees an 8% upside to the privileged account manager’s Q1 earnings, posted early this month, driven by increased cross-selling opportunities and broader greenfield adoption. Imperial Capital analyst Michael Kim kept his in-line rating on CyberArk stock, but boosted his price target to 45 from 41. In early afternoon trading on the stock market today , CyberArk stock was up 2%, near 42, and touched a six-week high at 42.94. But shares are 16% off a 2016 high of 49.56, achieved Jan. 22. The lift defied a fractional decline in IBD’s 26-company Computer Software-Security industry group. Shares of Imperva ( IMPV ), FireEye ( FEYE ),  Check Point Software Technology ( CHKP ) and  Symantec ( SYMC ) were all down more than 1% apiece Thursday afternoon. “At current levels, we think CyberArk shares offer balanced risk/reward,” Kim wrote in a research report. “Investors could become more constructive as the company gains greater scale and broader adoption of its new offerings.” Kim expects less volatile near-term license revenue growth and margin expansion. But he cut his 2017 earnings per share minus items view to $1.14 from $1.16 on expected investments in growth. Wall Street models $1.13, up 23% above 2016 views for 92 cents. CyberArk still has runway to add new customers, Kim wrote. During Q1, CyberArk added 100 new customers, bringing the company’s installed base to 2,600. Nearly a third of new customers added three or more products, “highlighting the company’s broadening cross-selling and up-selling opportunities.” In Q1, CyberArk also doubled its sales in its government, health care, retail, media and education segments. License revenue grew 38% vs. the year-earlier quarter, trailing 50% growth in the maintenance and professional services business.

Symantec To Cut 1,200 Jobs, Close Offices After Q4 Sales Miss

Symantec ( SYMC ) is cutting 1,200 jobs and closing a quarter of its offices as part of a broad $400 million cost reduction plan, the No. 3 cybersecurity firm announced Thursday as it reported fiscal Q4 sales that missed Wall Street views. On Friday, William Blair analyst Jonathan Ho said he was “perplexed” by the cuts at a time when older, legacy players like Symantec need to work to catch up with next-generation vendors such as  Palo Alto Networks ( PANW ). “We are perplexed at how the company plans to reposition itself as a next-generation security player and reaccelerate growth, while simultaneously reducing spending and headcount,” Ho wrote in a research report. But he called the strategy “ambitious” and maintained his market perform rating on Symantec stock. In morning trading on the stock market today , Symantec stock was up a fraction, near 17. Shares began forming a handle on March 21, but they have since fallen 10%, matching an equal decline in IBD’s 26-company Computer Software-Security industry group. For its fiscal Q4 ended April 1, Symantec reported $873 million in sales and 22 cents earnings per share minus items, down a respective 6% and 24% year over year, but in line with the company’s preannouncement. Both metrics lagged the consensus of 29 analysts polled by Thomson Reuters for $878.7 million in revenue and 23 cents EPS. Symantec’s $3.6 billion in fiscal 2016 sales met the consensus model, but $1.03 EPS ex items missed by a penny. On a year-over-year basis, the measures fell 10% and 21%, respectively. Adjusting for currency, consumer sales fell a respective 7% and 9% during fiscal Q4 and fiscal 2016, leading 4% and 2% declines in enterprise sales. Symantec blamed the enterprise decline on a shift in customer spending toward subscriptions and away from licenses. Ho said the accelerating migration to next-generation subscription products disfavors a legacy player like Symantec. “We remain concerned that the long-term transition away from legacy antivirus to next-generation solutions may be happening at an accelerating pace, which could be a headwind to Symantec’s legacy business,” he wrote. Current-quarter guidance for $865 million to $895 million in sales and 24-26 cents EPS minus items would be down 4% at the midpoints. For fiscal 2017, Symantec guided to $3.49 billion to $3.58 billion, which would be down 2% at the midpoint but better than the 10% decline in fiscal 2016. Symantec’s job cuts represent about 9% of its workforce and will save about $100 million, CFO Thomas Seifert told analysts on the company’s earnings conference call late Thursday. As of Thursday, Symantec’s 11,223 headcount was already down 43% from a year ago. The company hopes that closing 25% of its facilities will save another $35 million. The company also plans to trim target service agent and IT costs “stranded” after the Veritas divestiture, and it is reining in $100 million in spending. Symantec early this year completed the sale of data storage software maker Veritas to a group led by private-equity firm Carlyle Group ( CG ) for about $5.3 billion after taxes.